[
https://issues.apache.org/jira/browse/JAMES-3897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17772667#comment-17772667
]
Benoit Tellier commented on JAMES-3897:
---------------------------------------
CF https://github.com/apache/james-project/pull/1743
> IP filtering with CrowdSec
> --------------------------
>
> Key: JAMES-3897
> URL: https://issues.apache.org/jira/browse/JAMES-3897
> Project: James Server
> Issue Type: Sub-task
> Reporter: Benoit Tellier
> Priority: Major
>
> Thanks to recommandation from a collegue Xavier GUIMARD, I discovered
> CrowdSec ( https://www.crowdsec.net/ ).
> CrowdSec is a free, modern & collaborative behavior detection engine, coupled
> with a global IP reputation network, based on IA behaviour refinement.
> Develop a third-party plugin for questionning crowdSec:
> - Create a SMTP EHLO hook questionning via a REST call the CrowdSec local
> agent
> - Create a mailet questionning via a REST call the CrowdSec local agent
> - Create a mailet to provision local CrowdSec database (for highest level of
> spam for instance)
> - Think about the interfaces we would need to question CrowdSec upon
> incoming IMAP connections
> - Externalize behaviour linked to failed login attempts (sleep, 3 failure
> connection closure) as configurable extensible plugins.
> - Use it to manage IP reporting to crowdSec, especially upon failed
> authentications (~fail2ban).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
